Information on Dell Cloud Manager tools and general perspectives on cloud computing.

DevOps

04/23/2014

So it turns out there’s a lot of fear among the security community around using methodologies/concepts like DevOps. This fear is largely due to a number of myths about how organizations that are using a DevOps model are doing business, and what the implications are for the security of that organization. I’ll address one of those myths in today’s post, and some other myths in later posts.

Today’s myth is that by taking on the DevOps model of allowing developers to deploy code into production, you are violating separation of duties, which not only violates a variety of corporate policies but also has impact upon regulatory compliance requirements. And that would be true, if allowing developers to deploy to production actually violated separation of duties – but it doesn’t.